The Fake Google Chrome Update is a drive-by-download attack that infects your PC under the pretense of offering an update for Google’s Chrome browser. Although countless variants of the Fake Google Chrome Update have been sighted throughout the years, each with their own payloads, one of its most recent incidents involves the distribution of browser hijackers and adware programs. Malware experts remind all readers that installing updates from unofficial sources never is safe for your PC, and encourage using anti-malware products for deleting any unreliable software that a Fake Google Chrome Update may have installed with or without your permission.

Going from Browser Patches to Browser Problems

Fraudulent updates for popular browsers are a particularly common way for criminals to distribute threatening software, but the payloads of these attacks aren’t always high-level PC threats like the Trojan Zeus banking Trojan. The Fake Google Chrome Update hosted at nv83.info is one example of this kind of drive-by-download distributing browser hijackers, adware programs and PUPs. All of these low-level PC threats are minor security risks and usually should be eliminated without any undue hesitancy – although malware experts don’t consider them as damaging as Trojans or other threats that are designed to attack your computer with highly unsafe functions.

The variant of the Fake Google Chrome Update hosted at the aforementioned site currently installs adware that injects advertisements into your browser, as well as a search engine hijacker that redirects your browser’s searches to unwanted sites.

However, this payload is packaged in threes, and Chica Password Manager is the third and final program installed through the Fake Google Chrome Update. While malware analysts classify Chica Password Manager as a PUP, rather than a threat, the company associated with it has a history of being involved in suspicious business practices, and you may want to consider whether or not trusting your passwords to such a utility is a good idea.

Undoing the ‘Update’ that Undid Your Web Browser

A Fake Google Chrome Update may be identified merely by its coming from a non-official website that isn’t endorsed by Google as a means of distributing updates for its products. While the previously described attack campaign involving Fake Google Chrome Update is one of the most recent of its ilk, other versions of the Fake Google Chrome Update hosted on other sites may deliver different payloads with entirely different symptoms from those described previously. Malware researchers also warn that it’s a common practice for drive-by-downloads like the Fake Google Chrome Update to use script exploits that let them install risky software even when the user doesn’t download the update deliberately.

Deleting threats installed through the Fake Google Chrome Update always should be a job for suitable anti-malware programs or a PC security expert capable of removing both obvious and hidden system changes related to the attack. Even though the current version of the Fake Google Chrome Update only installs programs that conduct irritating changes to your browser, these changes may lead to other attacks of greater severity than a browser hijack or advertisement pop-up.